As phishing scams continue to rise, a worrying trend has emerged. Rather than target companies, hackers are increasingly trying to imitate higher ranked officers in a company’s hierarchy. These spoof attempts are simple but can catch their companies completely off guard if they aren’t careful. Using social engineering, they identify who would oversee finances and then send a message to that person disguised as someone such as the CEO.
These emails look legitimate and tell the potential victim that they are unavailable and then sends them a particular file or asks them to wire money. Most people would think that this is a scam, but some unfortunately take the bait and send it. One company accidentally sent 250 W-2 forms via this method. The statistics show an increase in the number of these spoof emails. According to INKY, an email protection group, “ 12 percent of phishing attacks took the form of corporate VIP impersonations, 10 percent were sender forgery and six percent were via corporate email spoofing.” This shows that more hackers are not targeting the company itself but rather the rank and file workers disguising themselves as their respective supervisors.
With any spoofing email, the best way to avoid being scammed is constant vigilance. If you don’t know if its legitimate, ask. Never send money or data across an email. Always confirm with the sender before taking action.